VDE-2021-019
May 14, 2025, 3:00 PM
Phoenix Contact Classic Line industrial controllers are developed and designed for the use in closed industrial networks. The communication protocols and device access do not feature authentication measures. Remote attackers …
VDE-2020-022
May 14, 2025, 3:00 PM
The firmware release has a dynamic token for each request submitted to the server, which makes repeating requests and analysis complex enough. Nevertheless, it's possible and during the analysis it …
VDE-2024-027
May 14, 2025, 3:00 PM
All legitimate local Microsoft Windows users can read or modify files that are located in the working directory of the affected CODESYS products, even if they are executed under a …
VDE-2017-006
May 14, 2025, 3:00 PM
PHOENIX CONTACT FL SWITCH 3xxx series, FL SWITCH 4xxx series, and FL SWITCH 48xx series products running firmware version 1.0 to 1.32 allow unauthenticated users with network access to gain …
VDE-2020-038
May 14, 2025, 3:00 PM
Several vulnerabilities exist within firmware versions up to and including v1.5.48.
VDE-2020-029
May 14, 2025, 3:00 PM
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates. The SNMP configuration page of the device is vulnerable for a persistent …
VDE-2024-031
May 14, 2025, 3:00 PM
The data24 service that is bundled with every installation of myREX24 V2/myREX24.virtual has two serious flaws in core components. These combined can lead to a complete loss of confidentiality, integrity …
VDE-2024-067
May 14, 2025, 3:00 PM
Vulnerabilities in .NET and Visual Studio functions System.Text.Json, System.Formats.Asn1, OPCFoundation.NetStandard.Opc.Ua.Core allow an remote attacker to execute a Denial-of-Servce attack.